As mentioned in the article "Too many files open (Too many open files"), modifying the limit.conf file allows you to make the maximum number of file modifications, and so on. However, in the actual operation in the SSH login through the ulimit–n query out of the largest file is not limit.conf value. To this end, continue to trace what's going on.
1, limit.conf This file in the end is how the file, this file in the end how to play a role?
With some learning about Linux, the original limit.conf profile is a pam_limits.so profile in the Linux PAM (plug-in authentication module, pluggable authentication Modules).
2. What is Pam?
In this borrowing Baidu know the internet popular answer: Simply, Pam is mainly composed of a set of shared library files (that is, the suffix named. so file) and a number of configuration files for the system service authorization of a set of things, wherein Pam is pluggable authentication Modules Abbreviations for these English words. When you request a service, the PAM-certified application interacts with these. so files to see if they can be authorized to use the service, such as Su, Vsftp, httpd, and so on, to the user who initiated the request. If the authentication succeeds, the user can use the service or complete the command, and if the authentication fails, the user will not be able to use the service, and Pam will write a warning message to the specified log file. We can consider Pam as an intermediate referee, which does not depend on any application or service. You can completely upgrade these apps or services without having to take care of updates or upgrades of the PAM shared library, and vice versa. So it's very flexible.
He is a shared library, just like a DLL file under window. One of the greatest advantages of unix/linux is the cohesion-poly low coupling. This is not the embodiment of it.
Oh, originally Pam is such a thing, then finally know why in "File open too much (Too many open files)" in the article to mention to add a statement under/etc/pam.d/login
Session Required Pam_limits.so
Then the login add only when the SU switch user's time limit.conf to take effect, also opened why SSH in the past can not see the value of the setting and SU users will be able to see.
That login can add the PAM function, according to the truth, SSH should also be possible. Once again, SSH can also be configured in the/etc/ssh/sshd_config file. There is a "usepam yes" to remove the #, turn on this function (the specific PAM authentication module is also in the sshd configuration file of the/etc/pam.d/directory).
3, if only set the login Pam_limits.os, and closed the SSH. So what is the process of opening in two states?
With this question and on the Internet to find some test code, after processing the following:
#include <stdio.h>
#include <unistd.h>
#include <stdlib.h>
#include <sys/resource.h>
Main ()
{
struct Rlimit limit;
while (1) {
Getrlimit (Rlimit_nofile,&limit);
printf ("The process can open%dfiles\n", limit.rlim_cur);
Sleep (2);
}
}
This code opens the book by printing the largest file of the current process. After testing, SU in the user open process, printing is indeed the value of limit.conf settings, and through SSH to execute this code to print is to modify the limit.conf parameter before the value (that is, limit.conf does not take effect).
This may be related to the Linux system process, user sessions, because of narrow knowledge, so in the forum asked a bit, the netizen gave me a connection: Http://linux.die.net/man/8/pam_limits. The original text has such a sentence:
The Pam_limitspam module sets limits on the system resources, can be obtained in auser-session. Users of Uid=0 is affected by this limits, too.
This pam_limitspam is valid for the user session and is valid for process No. 0 (kernel process).
In the process there is a question, we usually operate through the terminal to operate, the process of the parent process is the current terminal process, such as SSH, but some of the process is running in the background. When it is turned on, shut down the terminal, then who are they to belong to? Discovered by observation. These lonely processes were taken over by the 1th process. This may involve issues with Linux process management. Not in-depth study.
4. Is the pam_limits effective in relation to the process?
I think of a situation, if I use SSH to open the process, the ID of this parent process is my SSH process. When I quit SSH, the child process was not shut down and went into the 1th process (for example, our common Java process). So will the maximum file opening number of this child process change back to the value of the limit.conf file setting? Because the SSH process goes in the value is the value before the limit.conf modification. SSH in and open my test process the print is really not the same as the current limit.conf value, it is not effective. I also found a method on the Internet, directly to the test code of the sub-process directly assigned to the 1th process: Setsid. After testing, the maximum number of open files printed has not changed. Like it says, this Pam setting is related to user sessions.
Test over. Later found a problem, continue to follow up.
Too many files open (Too many open files)